[Cryptography] Review of UBIC

Ubicorn ubicorn at protonmail.com
Mon Feb 26 16:49:36 EST 2018


Hello,
we have released a cryptocurrency called UBIC that distributes a universal basic income to it's users.
We solved the sibyl attack by requiring users to scan the NFC chip of their E-Passport.
The process works this way:
- The user reads out the PKCS7 file contained on the E-Passport.
- A non-transerable proof of signature knowledge is created on one of his UBIC addresses using the document signing certificate contained in the PKCS7 file.
- This proof is broadcasted and included in the blockchain

The source code of the project can be found here: https://github.com/UBIC-repo/core
The non-transferable proof of signature knowledge for ECDSA signatures is generated here: https://github.com/UBIC-repo/core/blob/master/NtpEsk/NtpEsk.cpp
and for RSA signatures here: https://github.com/UBIC-repo/core/blob/master/NtpRsk/NtpRsk.cpp

We are a little bit unsure if our non-transferable proof of signature knowledge for RSA is completely secure because we had to hack it a little bit.
It is based on on the Guillou-Quisquater protocol where the challenge has to be smaller than the RSA exponent.
However because the document signing certificate exponents are almost every time 65537 we generate 5 proofs of 16 bit entropy each.

What are your opinions on this?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20180226/d352ba9a/attachment-0001.html>


More information about the cryptography mailing list